Secure security model implementation for security services and related attacks base on end-to-end, application layer and data link layer security

Authors:
Shahrulniza Musa;AAmir Shahzad;Abdulaziz Aborujilah
Affiliations:
Malaysian Institute of Information Technology (MIIT) University, Kuala Lumpur, Malaysia;Malaysian Institute of Information Technology (MIIT) University, Kuala Lumpur, Malaysia;Malaysian Institute of Information Technology (MIIT) University, Kuala Lumpur, Malaysia
Venue:
Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication
Year:
2013

Citing 2
Cited 1

SKMA: a key management architecture for SCADA systems

ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Improving the cyber security of SCADA communication networks

Communications of the ACM - Barbara Liskov: ACM's A.M. Turing Award Winner

Industrial control systems (ICSs) vulnerabilities analysis and SCADA security enhancement using testbed encryption

Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication

Quantified Score

Hi-index	0.00

Visualization

Abstract

SCADA (Supervisory Control and Data Acquisition), these are systems based on real-time processing, control and design for real time infrastructure such as water pumping stations, oil purification plants and rail control centers etc. In the initial structure of SCADA there is no security mechanism that prevents or detects the attacks in SCADA communication network. SCADA technology is not new but was deployed in limited networks; currently these systems have been deployed and accessible by many networks such as LAN/WAN, Mobile networks, Web Browsers and GPRS through internet technology. Using Modern communication facilities SCADA systems are vulnerable from different types of internet attacks that create major security problems for SCADA communication. The current paper proposes cryptography solutions for securing SCADA communication. In first part, we propose Cryptography solution using "Advance Encryption Standard (AES) and SHA-1 algorithms" to secure each end of SCADA communication by implementing security services such as authentication, integrity, and confidentiality In Second part, we propose hybrid cryptography solution for SCADA and give solution to prevent the major attacks that in- Securing the SCADA communication. "Hybrid Cryptography Secure Simulation Model" is used to discuss and give solutions for putting security services such as authentication, integrity, confidentiality, and non-repudiation in APDU (Application Protocol Data Unit) and LPDU (Link Protocol Data Unit) within SCADA DNP3 protocol, and Rest of paper provide solutions to overcome/prevent attacks such as Guessing Shared Key, Brute force from Authentication; Eavesdropping, Key Cracking, Man in the Middle from Confidentiality; Frame Injection, Data Replay, Data Deletion from Integrity. We use DNP3Sec as framework. Current paper gives research Directions and methods to more secure real time systems.